Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/ymcFi0Unv8tqKhnuGUaMgOd0ViE.roa
File: ymcFi0Unv8tqKhnuGUaMgOd0ViE.roa (raw, json)
Hash identifier: f0WdduUrR9SROhLlbzPFXawGGf+Q6kZ6bNMiip9BKUI=
Subject key identifier: CA:67:05:8B:45:27:BF:CB:6A:2A:19:EE:19:46:8C:80:E7:74:56:21
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 019421B229AC9D37BD48D4BA5716149B08F4
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/ymcFi0Unv8tqKhnuGUaMgOd0ViE.roa
Signing time: Wed 01 Jan 2025 11:48:31 +0000
ROA not before: Wed 01 Jan 2025 11:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12364
IP address blocks: 83.212.88.0/22 maxlen: 22
195.251.208.0/20 maxlen: 20
2001:648:2810::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:29:ac:9d:37:bd:48:d4:ba:57:16:14:9b:08:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 1 11:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca67058b4527bfcb6a2a19ee19468c80e7745621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d7:e1:f0:1b:3e:12:86:8b:3b:99:00:84:e5:
6e:f0:fa:88:3d:b6:83:ab:f0:bd:70:32:4c:01:e5:
91:a7:d4:7d:38:b9:9c:df:8f:23:c6:57:23:a5:7e:
dc:17:f1:39:ee:d8:c2:f5:b7:f0:91:0d:dc:23:e5:
eb:2c:3d:31:b3:91:dc:5b:cc:22:43:c3:6c:56:77:
ec:45:ee:43:66:97:a2:a1:c5:17:57:d1:bc:4d:a3:
be:19:f0:d7:63:ec:15:94:77:c1:02:7d:e6:98:f2:
c6:63:ee:d3:75:84:a4:6f:5c:e2:be:00:9c:73:69:
9b:2d:f0:4f:9e:9d:42:91:01:41:95:b7:f8:39:ef:
6d:e7:fd:f5:64:86:6f:65:29:9f:08:ec:80:da:2a:
56:54:20:c0:cb:87:be:08:29:b6:29:39:fd:2d:fe:
b7:c5:a3:66:bf:5e:a0:10:a8:a7:f9:e4:f0:bd:0c:
ea:a1:f0:85:33:fa:e9:15:60:29:7b:31:ae:9c:73:
16:62:55:2d:78:5b:de:e9:98:a9:90:2a:12:cd:86:
99:43:1b:e8:bb:eb:78:48:31:2a:9b:f1:11:a4:2a:
6c:6a:00:3a:c2:33:9f:21:13:0d:92:76:33:e3:01:
9c:da:fd:1e:ff:b9:50:9e:bb:a1:64:70:3f:46:1b:
b6:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:67:05:8B:45:27:BF:CB:6A:2A:19:EE:19:46:8C:80:E7:74:56:21
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/ymcFi0Unv8tqKhnuGUaMgOd0ViE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.212.88.0/22
195.251.208.0/20
IPv6:
2001:648:2810::/48
Signature Algorithm: sha256WithRSAEncryption
59:5b:e6:d5:84:42:94:f8:61:15:8a:4e:64:b0:98:b0:3a:ee:
9c:be:3d:d0:8d:90:48:d3:cd:48:e2:30:c6:db:74:fd:5a:37:
d9:93:99:da:aa:f2:0a:ee:f6:68:48:de:f2:40:41:b7:da:2b:
f2:19:b6:12:4a:dd:7d:b5:cc:52:51:99:db:6a:01:25:bd:90:
2c:d5:c9:e8:ca:ed:53:8d:d1:f1:66:be:62:9b:1c:73:c5:8c:
da:7a:3f:5f:50:ca:61:a6:c0:d9:10:9a:17:64:d8:04:02:8a:
c9:69:83:a4:fe:f7:7a:ae:91:51:de:79:86:72:07:b3:d4:91:
24:c4:a0:28:1e:47:8c:11:49:22:3a:76:f5:c0:d9:06:5e:92:
14:2c:69:11:60:ef:2f:25:94:37:6b:4f:83:ac:33:9f:39:62:
66:1e:38:bb:d3:46:e5:fd:87:14:40:9c:43:12:f3:9d:55:54:
ad:18:0b:22:e5:57:81:5f:57:d5:6e:fc:3d:c9:e6:44:e9:b8:
f4:17:16:b6:39:48:e3:ba:49:be:0b:ec:3f:12:05:6d:ff:ea:
64:b9:e0:f3:3d:ca:b7:b1:97:b3:08:cf:ef:59:c8:62:bd:b9:
a7:66:17:70:79:18:27:f4:d4:a4:bd:eb:41:a9:45:ba:c6:75:
e5:ce:99:87
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQhsimsnTe9SNS6VxYUmwj0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjUwMTAxMTE0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTY3MDU4YjQ1MjdiZmNiNmEyYTE5ZWUxOTQ2OGM4MGU3NzQ1NjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdfh8Bs+EoaLO5kAhOVu8PqIPbaD
q/C9cDJMAeWRp9R9OLmc348jxlcjpX7cF/E57tjC9bfwkQ3cI+XrLD0xs5HcW8wi
Q8NsVnfsRe5DZpeiocUXV9G8TaO+GfDXY+wVlHfBAn3mmPLGY+7TdYSkb1zivgCc
c2mbLfBPnp1CkQFBlbf4Oe9t5/31ZIZvZSmfCOyA2ipWVCDAy4e+CCm2KTn9Lf63
xaNmv16gEKin+eTwvQzqofCFM/rpFWApezGunHMWYlUteFve6ZipkCoSzYaZQxvo
u+t4SDEqm/ERpCpsagA6wjOfIRMNknYz4wGc2v0e/7lQnruhZHA/Rhu2QwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMpnBYtFJ7/LaioZ7hlGjIDndFYhMB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEveW1jRmkwVW52OHRxS2hudUdVYU1nT2QwVmlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCU9RYAwQE
w/vQMA8EAgACMAkDBwAgAQZIKBAwDQYJKoZIhvcNAQELBQADggEBAFlb5tWEQpT4
YRWKTmSwmLA67py+PdCNkEjTzUjiMMbbdP1aN9mTmdqq8gru9mhI3vJAQbfaK/IZ
thJK3X21zFJRmdtqASW9kCzVyejK7VON0fFmvmKbHHPFjNp6P19QymGmwNkQmhdk
2AQCislpg6T+93qukVHeeYZyB7PUkSTEoCgeR4wRSSI6dvXA2QZekhQsaRFg7y8l
lDdrT4OsM585YmYeOLvTRuX9hxRAnEMS851VVK0YCyLlV4FfV9Vu/D3J5kTpuPQX
FrY5SOO6Sb4L7D8SBW3/6mS54PM9yrexl7MIz+9ZyGK9uadmF3B5GCf01KS960Gp
RbrGdeXOmYc=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:02 2025 by rpki-client on console.sobornost.net